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Disposition of Claims 

4) IE Claim(s) 13-22 and 24-34 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) S Claim(s) 13-22 and 24-34 is/are rejected. 
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DETAILED ACTION 

Claim Rejections - 35 USC §112 

1 . The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

2. Claims 17 and 24 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

3. Claim 17 recites the limitation "a virtually-wired switching fabric" in lines 4-5. ' 
There is insufficient antecedent basis for this limitation in the claim. 

4. Claim 24 recites the limitation "said fabric" in line 3. There is insufficient 
antecedent basis for this limitation in the claim, "said fabric" is understood for - a 
virtually-wired switching fabric-. 



Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 
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(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21 (2) 
of such treaty in the English language. 

6. Claims 13-16, 18-22 and 25-30 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Vairavan, U.S. Patent Application Publication No. 2002/0083344 
(hereinafter Vairavan). 

7. With respect to claims 22 and 1 3, Vairavan teaches a method of managing a 
network [see abstract and fig. 1 ], said method comprising: 

■ accessing a database of a stored physical topology of said network to obtain 
authorized address at host ports of switches [paragraphs 0074-0084 i.e. a 
security policy database]; 

■ configuring a switch in said network to forward a packet received at a first port 
[120, 125 and 130] if an address associated with said packet is authorized for 
said first port [paragraphs 0054-0060]; 

■ comparing a set of learned addresses against set of expected addresses, 
said learned addresses comprising addresses associated with packets 
processed at a second port [115a-g], said expected addresses derived from 
an expected configuration of said network [paragraphs 0059-0060 and 0086- 
0101]; and 

■ tracing a topology of said network to find a third port where an unexpected 
address [i.e. intrusion detection] entered said network, said third port coupled 
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to a device having a media access control (MAC address) that is said 
unexpected address [paragraphs 0059, 0067, 0090 and paragraphs 0131- 
0140]. 

8. With respect to claim 25, Vairavan further teaches said configuring the switch 
further comprises configuring the switch to drop said packet if said address is not 
authorized [paragraph 0132]. 

9. With respect to claims 1 8 and 26, Vairavan further teaches said configuring the 
switch comprises programming the switch in said network to recognize authorized 
address for said first port [paragraphs 0054-0060]. 

1 0. With respect to claim 27, Vairavan further teaches said configuring the switch 
further comprises configuring the switch to forward said packet to a host device [215 i.e. 
system, processor] if said address is authorized for said first port, said first port coupled 
to said host device [paragraphs 0054-0060]. 

1 1 . With respect to claim 28, Vairavan further teaches said method further 
comprising: determining changes in physical topology of said network [paragraphs 
0060 and 0086-0088]. 
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12. With respect to claim 29, Vairavan further teaches said determining changes in 
physical topology comprises comparing a physical description of said network with said 
stored physical topology of said network [paragraphs 0060 and 0086-0088]. 

13. With respect to claims 30, Vairavan further teaches said address is a media 
access control (MAC) address and wherein said network comprises a virtually-wired 
switching fabric [fig. 2]. 

14. With respect to claims 14-15, Vairavan further teaches said network is a virtually- 
wired switching network [fig. 1 ] and said first port couples switches in said network and 
said second port is couple to a host device [paragraphs 0046-0054]. 

15. With respect to claim 16, Vairavan further teaches said method further 
comprises: taking corrective action at said second port, wherein said second port is 
coupled to a host device [paragraphs 0069-0071]. 

16. With respect to claim 1 9, Vairavan further teaches of said method is repeated for 
each interconnect port in said network, wherein said network comprises a plurality of 
switches [paragraph 0069 and fig. 1 ]. 
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17. With respect to claim 20, Vairavan further teaches said method further 
comprises: determining changes in physical topology of said network [paragraphs 
0059-0060 and 0086]. 

18. With respect to claim 21 , Vairavan further teaches of said method comprises 
comparing a physical description of said network with a stored physical description of 
said network [paragraphs 0073-0088]. 

Claim Rejections - 35 USC § 103 

19. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

20. Claims 17 and 24 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Vairavan as applied to claims 13 and 22 above, and further in view of Holloway et 
al., U.S. Patent No. 5,805,801 (hereinafter Holloway). 

21 . With respect to claims 17 and 24, Vairavan further teaches the method further 
comprising: said network is a virtually-wired switching fabric [fig. 2] and said third port is 
at the edge of said fabric [paragraphs 0068-0070]. 

However, Vairavan does not explicitly show disabling said third port. 
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In a method of managing a network, Holloway discloses disabling a port [col.3, 
lns.3-25]. 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time of the invention was made to modify Vairavan in view of Holloway by disabling the 
port because this feature not only provides for detection of security intrusions, but also 
provides the proactive actions needed to stop the proliferation of security intrusions over 
the domain [Holloway, col.2, lns.41-45]. It is for this reason that one of ordinary skill in 
the art at the time of the invention would have been motivated in order to filter on their 
respective ports against the intruding unauthorized address [Holloway, see abstract]. 

22. Claims 31 -34 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Vairavan, in view of Holloway. 

23. With respect to claim 31 , Vairavan teaches a network comprising: 

■ a plurality switches [paragraphs 0047-0048]; 

■ said switches interconnected and configured to control communication 
between a plurality of devices coupled to said network [fig.1]; 

■ a database having stored therein a stored physical topology of said network 
and authorized addresses associated with packets processed at ports of said 
switches, wherein said authorized addresses are based on said stored 
physical topology [paragraphs 0074-0084 i.e. a security policy database]; 
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However, Vairavan does not explicitly show a configuration agent that is able to 
program said switches based on said authorized address to detect a packet having an 
unauthorized address; and a management agent that is able to: compare addresses 
learned by said switches against said authorized addresses to determine an 
unauthorized address; and trace a topology of said network to determine a port where a 
packet associated with said unauthorized address entered said network. 

In a communication system, Holloway discloses a configuration agent that is able 
to program said switches based on said authorized address to detect a packet having 
an unauthorized address [col.3, lns.30-43 and col.4, ln.46 - col.5, In. 12]; and a 
management agent that is able to: compare addresses learned by said switches against 
said authorized addresses to determine an unauthorized address [col.7, lns.7-68 and 
col.3, lns.37-39]; and trace a topology of said network to determine a port where a 
packet associated with said unauthorized address entered said network [col. 8, Ins. 1-60]. 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time of the invention was made to modify Vairavan in view of Holloway by adding a 
configuration agent and management agent because this feature this feature not only 
provides for detection of security intrusions, but also provides the proactive actions 
needed to stop the proliferation of security intrusions over the domain [Holloway, col. 2, 
lns.41 -45]. It is for this reason that one of ordinary skill in the art at the time of the 
invention would have been motivated in order to send an alert frame to the functional 
address [Holloway, col.8, Ins. 18-1 9]. 
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24. With respect to claim 32, Vairavan further teaches said switches are further 
configured to forward said packet if said address is authorized [paragraphs 0054-0060]. 

25. With respect to claim 33, Vairavan further teaches said switches are further 
configured to drop said packet if said address is not authorized [paragraph 0132]. 

26. With respect to claim 34, Vairavan further teaches there is a one-to-one mapping 
between ports of said switches [paragraphs 0047-0049]. 

Response to Arguments 

27. Applicant's arguments with respect to claims 1 -34 have been considered but are 
moot in view of the new ground(s) of rejection. 

Conclusion 

28. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
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shortened statutory period will expire on the date the advisory action is mailed, and any 
- extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

29. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Nghi V. Tran whose telephone number is (571 ) 272- 
4067. The examiner can normally be reached on Monday-Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Zarni Maung can be reached on (571) 272-3939. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




Nghi V Tran 
Patent Examiner 
Art Unit 2151 
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